You can now find Cyber Kendra on Google News | Telegram

iCloud Hacked: Researcher Demonstrate Security Bug on iOS 8.3

Apple iCloud Hacked, Bug on iOS 8.3, Phishing attacks on apple icloud users, hacking icloud users
Bug on iOS 8.3
A security researcher claims to have developed a way to send iCloud users fake phishing emails that, by exploiting a security bug in Apple's mobile operating system, could make millions of customer passwords vulnerable.

Researcher Jan Soucek, have built an iOS 8.3 inject kit which exploits a bug in the Apple mobile operating system's native email client to produce a realistic pop-up that looks just like the kind of messages Apple users normally see when they're asked to enter their password.

Soucek had reported the issue to Apple team in January, but unfortunately he didn't get any response from Apple. Apple security team had also not confirmed the security bug till yet. 

Soucek says - 
"This bug allows remote HTML content to be loaded, replacing the content of the original email message. JavaScript is disabled in this UIWebView, but it is still possible to build a functional password 'collector' using simple HTML and CSS."
Apple team have not commented on this report, but this issue once again shows how easily scammers and hackers perform a Phishing attacks upon Apple's users.

Soucek had published his tools on GitHub and says it is a better phishing tool than using a form directly within a HTML email because it targets only users of the iOS app and allows changes to be made to already live phishing campaigns.

You can also check the POC demonstration of the Mail.aap in a video

Last time, iCloud hacked was headlines for several media, where thousands of celebrities private photos were leaked under a campaign called "The Fappening "

Post a Comment

Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using adblocking plugin in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your adblocking plugin.
Site is Blocked
Sorry! This site is not available in your country.